[jasper/f20: 2/2] Merge branch 'f19' into f20
Jiří Popelka
jpopelka at fedoraproject.org
Thu Dec 18 17:20:31 UTC 2014
commit 76d5098c14cf0046f2e7baf3794a064e97f33197
Merge: a7d18e2 206ab97
Author: Jiri Popelka <jpopelka at redhat.com>
Date: Thu Dec 18 18:17:47 2014 +0100
Merge branch 'f19' into f20
jasper-CVE-2014-8137.patch | 57 ++++++++++++++++++++++++++++++++++++++++++++
jasper-CVE-2014-8138.patch | 14 ++++++++++
jasper.spec | 42 +++++++++++++++++++-------------
3 files changed, 96 insertions(+), 17 deletions(-)
---
diff --cc jasper.spec
index 253918b,fc6270a..2b81fdb
--- a/jasper.spec
+++ b/jasper.spec
@@@ -7,7 -7,7 +7,7 @@@ Summary: Implementation of the JPEG-200
Name: jasper
Group: System Environment/Libraries
Version: 1.900.1
--Release: 26%{?dist}
++Release: 27%{?dist}
License: JasPer
URL: http://www.ece.uvic.ca/~frodo/jasper/
@@@ -173,7 -177,11 +177,11 @@@ make chec
%changelog
-* Thu Dec 18 2014 Jiri Popelka <jpopelka at redhat.com> - 1.900.1-26
++* Thu Dec 18 2014 Jiri Popelka <jpopelka at redhat.com> - 1.900.1-27
+ - CVE-2014-8137 - double-free in jas_iccattrval_destroy() (oCERT-2014-012) (#1175761)
+ - CVE-2014-8138 - heap overflow in jp2_decode() (oCERT-2014-012) (#1175761)
+
-* Thu Dec 04 2014 Jiri Popelka <jpopelka at redhat.com> - 1.900.1-25
+* Thu Dec 04 2014 Jiri Popelka <jpopelka at redhat.com> - 1.900.1-26
- CVE-2014-9029 - incorrect component number check in COC, RGN and QCC
marker segment decoders (#1170650)
More information about the scm-commits
mailing list